Available managed settings for Sophos Mobile Encryption 2.5

As of Sophos Mobile Control (SMC) 4.0 it is possible to manage the Sophos Mobile Encryption (SME) app on iOS devices.Prerequisite: SME has to be deployed via the SMC server so it becomes a "Managed application". The device must be running iOS 7 or higher. If the app was installed before by the user, it has to be removed and redeployed.

To manage the application, a new profile was introduced in SMC 4.0 which provides you the below configuration possibilities.

which cloud storage providers should be shown in the app ("Enable" column)

whether a user can mark files as "Favorite" for a cloud storage provider to read them even without an Internet connection ("Offline" column)

if a user should be able to share an encrypted file with other apps / accounts configured on the device using the "Open In" feature ("Share encrypted files" column)

if a user should be able to share a plain file with other apps / accounts configured on the device using the "Open In" feature ("Share plain files" column)

if a user should be able to copy file content to the clipboard ("Clipboard" column)

App password configuration

Enable app password - Activating this setting requires the user to enter a password every time the Sophos Mobile Encryption app should be opened. The password has to be specified by the user when opening the app the first time.

Password complexity - defines how complex the password for the app password has to be which the user has to enter every time the app is started.

Grace period in minutes - the time until the app will ask for the password again if the app was closed or alternatively the device was locked in the meantime.

Offline access rules

Last server connect - Defines the time how long the app can be started without connecting to the SMC server. If the time is exceeded, the app will be locked automatically. The user can try to unlock the app if the connection once the connection to the SMC server should be possible again.

Offline starts without server connection - Specify how often the app can be started if the app is not able to connect to the SMC server

Keyring and keys

Enable keyring - This setting enables the keyring feature of Sophos Mobile Encryption. After entering the passphrase of an encryption key once, it will be stored in the keyring. Files encrypted with a known key will be decrypted seamlessly without entering the passphrase again.

Passphrase complexity - if a new key is created manually on the device you can specify how complex the passphrase for it has to be

Corporate documents / Egnyte / WebDav

Within these sections you can specify an account of a file server within your network or an Egnyte account

Server - the IP or URL the server can be accessed by User name - a user name used to connect. The variables %_USERNAME_% or %_EMAILADDRESS_% can be used as well Password - the respective password for the user. You can leave that empty so the user can enter it Upload folder - the default upload folder which should be used for this account